[FDE] Intro and EFS as a viable FDE solution?

Youngquist, Jason R. jryoungquist at ccis.edu
Wed Nov 8 11:33:15 MST 2006 

Elcomsoft has a program called Advanced EFS Data Recovery (AEFSDR) that
can recover encrypted files on an EFS partition created in Windows 2000,
XP, and 2003.

http://www.elcomsoft.com/aefsdr.html



Jason Youngquist
Network Security Analyst
Technology Services
Columbia College
1001 Rogers Street, Columbia, MO  65216
(573) 875-7334
jryoungquist at ccis.edu
http://www.ccis.edu
 



-----Original Message-----
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com]
On Behalf Of Curt Wilson
Sent: Wednesday, November 08, 2006 10:41 AM
To: Mike Johnson
Cc: fde at www.xml-dev.com
Subject: Re: [FDE] Intro and EFS as a viable FDE solution?

Disclaimer: I'm not a crypto expert.

My understanding on breaking EFS was that the local Administrator
account was automatically a key recovery agent, and therefore if someone
can obtain the system, boot into a linux distro and edit out the
Administrator password, reboot, login as Administrator with the now
blanked out password, a recovery could be done that would then allow
decryption of any EFS contents.   This leads me to believe that FDE is
the best way to go, because a bootable linux distro won't be of any use
to an attacker.

if you know otherwise, please let me know. I have not tested this
personally.



Mike Johnson wrote:
> Howdy all,
> 
> Just found this list while looking for information about full disk 
> encryption for an enterprise.  We're approaching it as a two phase 
> implementation, where the first phase may be tossed.  We have a 
> short-term need (mandate) to implement encryption on a few (about
fifty) 
> sensitive laptops.  Long term, we want all our laptops encrypted.
> 
> We're looking at EFS because, well, it's free.  We've been doing 
> research on it, its limitations and its weaknesses.  Some of the 
> weaknesses seem to go away once you implement it on domain resident 
> systems.  EFS may simply be a short term solution for us, but we're
not 
> sure how it'll scale/work across several thousand laptops.
> 
> Has anyone on this list done FDE on a large scale?
> 
> Oh, and, howdy. :)
> 
> Thanks!
> Mike
> _______________________________________________
> FDE mailing list
> FDE at www.xml-dev.com
> http://www.xml-dev.com/mailman/listinfo/fde


-- 
Curt Wilson
IT Network Security Officer
Southern Illinois University Carbondale
618-453-6237

GnuPG key: http://www.infotech.siu.edu/security/curtw.pub.asc

_______________________________________________
FDE mailing list
FDE at www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde

More information about the FDE mailing list